Release Found: Red Hat Enterprise Linux 5
Please confirm that these packages have been installed:
cyrus-sasl-lib
cyrus-sasl
Run saslauthd -v to list the mechanisms that saslauthd can use to check users and passwords:
# saslauthd -v
saslauthd 2.1.22
authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap
The output above shows that the ldap mechanism is available to saslauthd.
Assume that the OpenLDAP server is running on the same host as saslauthd. All users are under the subtree "ou=People,dc=example,dc=com" in the LDAP directory. User redhat with password redhatpwd has been added to the OpenLDAP server.
Please refer to another Knowledgebase article (http://kbase.redhat.com/faq/FAQ_91_11441) for more details on configuring an OpenLDAP server.
Now modify /etc/sysconfig/saslauthd to use ldap as the mechanism. Change this line:
MECH=pam
to
MECH=ldap
Then create a new file, /etc/saslauthd.conf, with the following contents:
ldap_servers: ldap://127.0.0.1
ldap_bind_dn: cn=Manager,dc=example,dc=com
ldap_bind_pw: redhat
ldap_search_base: ou=People,dc=example,dc=com
ldap_auth_method: bind
Here cn=Manager,dc=example,dc=com is the rootdn of the OpenLDAP server, and redhat on the third line is the OpenLDAP server's rootpw.
Restart the saslauthd service and make it start automatically at boot time:
# service saslauthd restart
# chkconfig saslauthd on
Next, testsaslauthd can be used to test saslauthd. Run testsaslauthd without arguments to see its usage:
# testsaslauthd
testsaslauthd: usage: testsaslauthd -u username -p password
[-r realm] [-s servicename]
[-f socket path] [-R repeatnum]
To test as user redhat with password redhatpwd, issue the command:
# testsaslauthd -u redhat -p redhatpwd
0: OK "Success."
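Because /etc/saslauthd.conf as created above stores the rootdn and its password in clear text, the following check of that file may be useful. It is an added example, not part of the original article. Assumptions: treating cn=Manager as the rootdn is a heuristic taken from this article's configuration, and ldap_start_tls is a saslauthd LDAP option that the article does not use.

```shell
#!/bin/sh
# Added example: audit a saslauthd LDAP configuration file.
# Prints one finding per line; prints nothing when no check fires.

# conf_get FILE KEY: value of "KEY: value" in FILE (last occurrence wins).
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*:[[:space:]]*//p" "$1" | tail -n 1
}

audit_saslauthd_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "ERROR: cannot read $conf"; return 0; }

    # ldap_bind_pw is stored in clear text, so only the owner should have access.
    if [ -n "$(find "$conf" \( -perm -040 -o -perm -020 -o -perm -004 -o -perm -002 \) -print)" ]; then
        echo "PERMS: $conf is accessible to group or other (chmod 600)"
    fi

    # Heuristic (assumption): cn=Manager is the rootdn, as in the article.
    case $(conf_get "$conf" ldap_bind_dn) in
        [Cc][Nn]=[Mm]anager,*)
            echo "ROOTDN: ldap_bind_dn looks like the directory rootdn" ;;
    esac

    # Plain ldap:// to a non-loopback host sends bind passwords unencrypted
    # unless StartTLS is enabled.
    start_tls=$(conf_get "$conf" ldap_start_tls)
    for uri in $(conf_get "$conf" ldap_servers); do
        case $uri in
            ldaps://*|ldapi://*) ;;
            ldap://127.*|ldap://localhost|ldap://localhost[:/]*|ldap://\[::1\]*) ;;
            ldap://*)
                [ "$start_tls" = yes ] ||
                    echo "CLEARTEXT: $uri without ldaps:// or ldap_start_tls: yes" ;;
        esac
    done
}

# Run against a file given on the command line, e.g. /etc/saslauthd.conf.
if [ "$#" -gt 0 ]; then
    audit_saslauthd_conf "$1"
fi
```

Run against the configuration shown in this article with default file permissions, it reports the PERMS and ROOTDN findings; the loopback ldap:// URI is not flagged.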